[Bug 268246] crash and panic using pfsync on 13.1-RELEASE

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 18 Jan 2023 19:42:48 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268246

--- Comment #29 from jjasen@gmail.com ---
(In reply to Kristof Provost from comment #28)

Do these help? The kgdb backtrace is below, followed by the locals for frames 11, 10, 9 and 8:

bt
#0  __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
#1  doadump (textdump=textdump@entry=1) at
/usr/src/sys/kern/kern_shutdown.c:399
#2  0xffffffff80c2bf41 in kern_reboot (howto=260) at
/usr/src/sys/kern/kern_shutdown.c:487
#3  0xffffffff80c2c3be in vpanic (fmt=0xffffffff811ddd9e "%s", ap=<optimized
out>)
    at /usr/src/sys/kern/kern_shutdown.c:920
#4  0xffffffff80c2c1c3 in panic (fmt=<unavailable>) at
/usr/src/sys/kern/kern_shutdown.c:844
#5  0xffffffff810d5855 in trap_fatal (frame=0xfffffe020479eb00, eva=24) at
/usr/src/sys/amd64/amd64/trap.c:944
#6  0xffffffff810d58af in trap_pfault (frame=0xfffffe020479eb00,
usermode=false, signo=<optimized out>,
    ucode=<optimized out>) at /usr/src/sys/amd64/amd64/trap.c:763
#7  <signal handler called>
#8  0xffffffff80cc3a40 in m_copym (m=0x0, m@entry=0xfffff819c9e4a600,
off0=8268, len=8192, wait=wait@entry=1)
    at /usr/src/sys/kern/uipc_mbuf.c:510
#9  0xffffffff80de89bf in ip_fragment (ip=<optimized out>,
ip@entry=0xfffff819c9e4a668,
    m_frag=m_frag@entry=0xfffffe020479ed80, mtu=mtu@entry=9000,
if_hwassist_flags=<optimized out>)
    at /usr/src/sys/netinet/ip_output.c:992
#10 0xffffffff80de8373 in ip_output (m=0xfffff819c9e4a600, opt=<optimized out>,
opt@entry=0x0,
    ro=<optimized out>, ro@entry=0x0, flags=flags@entry=0, imo=<optimized out>,
imo@entry=0x0,
    inp=<optimized out>, inp@entry=0x0) at /usr/src/sys/netinet/ip_output.c:816
#11 0xffffffff829d9851 in pfsyncintr (arg=0xfffff80118f98d80) at
/usr/src/sys/netpfil/pf/if_pfsync.c:2353
#12 0xffffffff80beb31a in intr_event_execute_handlers (ie=0xfffff80118f74c00,
p=<optimized out>)
    at /usr/src/sys/kern/kern_intr.c:1168
#13 ithread_execute_handlers (ie=<optimized out>, p=<optimized out>) at
/usr/src/sys/kern/kern_intr.c:1181
#14 ithread_loop (arg=arg@entry=0xfffff80118f1de40) at
/usr/src/sys/kern/kern_intr.c:1269
#15 0xffffffff80be7d1e in fork_exit (callout=0xffffffff80beb0c0 <ithread_loop>,
arg=0xfffff80118f1de40,
    frame=0xfffffe020479ef40) at /usr/src/sys/kern/kern_fork.c:1093
#16 <signal handler called>
#17 mi_startup () at /usr/src/sys/kern/init_main.c:322
Backtrace stopped: Cannot access memory at address 0x8


frame 11
#11 0xffffffff829d9851 in pfsyncintr (arg=0xfffff80118f98d80) at
/usr/src/sys/netpfil/pf/if_pfsync.c:2353
2353                                    ip_output(m, NULL, NULL, 0, NULL,
NULL);

(kgdb) print arg
$1 = (void *) 0xfffff80118f98d80

(kgdb) info locals
et = {et_link = {tqe_next = 0x0, tqe_prev = 0xfffffe017cb5dad8}, et_td =
0xfffffe0204095900, et_section = {
    bucket = 0}, et_old_priority = 28 '\034'}
sc = 0xfffff80118f98d80
saved_vnet = 0x0
c = <optimized out>
m = 0xfffff819c9e4a600
b = 0xfffffe0212b453e0
n = 0x0

frame 10
#10 0xffffffff80de8373 in ip_output (m=0xfffff819c9e4a600, opt=<optimized out>,
opt@entry=0x0,
    ro=<optimized out>, ro@entry=0x0, flags=flags@entry=0, imo=<optimized out>,
imo@entry=0x0,
    inp=<optimized out>, inp@entry=0x0) at /usr/src/sys/netinet/ip_output.c:816
816             error = ip_fragment(ip, &m, mtu, ifp->if_hwassist);
(kgdb) info locals
in_ifa_tracker = {rmp_cpuQueue = {rmq_next = 0xc, rmq_prev =
0xfffff80118f98d80},
  rmp_rmlock = 0xfffff803e7ed883c, rmp_thread = 0x0, rmp_flags = -1416921440,
rmp_qentry = {le_next = 0x0,
    le_prev = 0xfffffe020479ed40}}
iproute = {ro_nh = 0x0, ro_lle = 0x0, ro_prepend = 0x0, ro_plen = 0, ro_flags =
128, ro_mtu = 0, spare = 0,
  ro_dst = {sa_len = 16 '\020', sa_family = 2 '\002', sa_data = '\000' <repeats
13 times>}}
no_route_but_check_spd = <optimized out>
ia = 0xfffff8010514c300
vlan_pcp = -1
error = <optimized out>
mtu = 9000
hlen = 20
ifp = <optimized out>
ip = 0xfffff819c9e4a668
ip_len = <optimized out>
fibnum = 0
dst = 0xfffffe020479edb0
gw = 0xfffff8034b0aa404
src = <optimized out>
isbroadcast = <optimized out>
m0 = <optimized out>
ip_off = <optimized out>

frame 9
#9  0xffffffff80de89bf in ip_fragment (ip=<optimized out>,
ip@entry=0xfffff819c9e4a668,
    m_frag=m_frag@entry=0xfffffe020479ed80, mtu=mtu@entry=9000,
if_hwassist_flags=<optimized out>)
    at /usr/src/sys/netinet/ip_output.c:992
992                     m->m_next = m_copym(m0, off, len, M_NOWAIT);
(kgdb) info locals
mhip = 0xfffff8051c43b068
m = 0xfffff8051c43b000
mhlen = <optimized out>
m0 = <optimized out>
len = 8192
hlen = 20
error = 0
ip_len = <optimized out>
ip_off = 1600
off = 8268
nfrags = 2
mnext = <optimized out>
firstlen = 56

frame 8
#8  0xffffffff80cc3a40 in m_copym (m=0x0, m@entry=0xfffff819c9e4a600,
off0=8268, len=8192, wait=wait@entry=1)
    at /usr/src/sys/kern/uipc_mbuf.c:510
510                     if (off < m->m_len)
(kgdb) info locals
copyhdr = 0
off = 8188
np = <optimized out>
top = <optimized out>
n = <optimized out>
